top of page

Privacy Policy

This Privacy Policy (“Policy”) describes how Knest Manufacturers Pvt. Ltd. and its subsidiaries—Knest Gujarat Private Limited, Knest Verticals Private Limited, Knest Environment Systems Private Limited, and Knest 3D Concrete Printing Private Limited (collectively, “Knest”, “we”, “our”, or “us”)—collect, use, store, disclose, and dispose of personal data. It applies to all data subjects whose data we process in connection with our business operations, including:
• Current and former employees
• Job applicants and interns
• Business partners, vendors, and third‑party service providers
• Consultants and contractors
• Visitors to our premises and users of our website www.knestaluform.com (“Website”)
• Any other individuals whose personal data Knest processes in the course of providing goods or services

 

1. Definitions

  • Personal Data: Personal data means any data relating to a Data Subject which is capable of identifying such Data Subject directly or indirectly such as name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that Data Subject. Personal Data will include Sensitive Personal Information and Special Categories of Personal Information unless otherwise stated. We will strive to ensure that Personal Data collected by us is adequate, relevant and limited to what is necessary in relation to the intended purpose

  • Sensitive Personal Data: Personal data revealing racial or ethnic origin, religious or philosophical beliefs, biometric or health information, or any other data classified as sensitive under applicable law (e.g., DPDP Act 2023).

  • Processing: Any operation performed on personal data, including collection, recording, organization, structuring, storage, use, disclosure, or erasure.

  • Data Subject / Data Principal: The individual to whom the personal data relates.

  • Controller / Data Fiduciary: The natural or legal person that determines the purposes and means of processing personal data. Knest acts as a Controller/Fiduciary under most circumstances.

  • Processor: A natural or legal person that processes personal data on behalf of the Controller/Fiduciary.

  • Applicable Laws: India’s Digital Personal Data Protection Act 2023 (“DPDP Act”), the Information Technology Act 2000 and SPDI Rules 2011, and any other data‑protection regulations relevant to Knest’s operations.

 

2. Legal Bases for Processing

We process personal data only when at least one of the following bases applies:

  • Consent of the data subject, obtained through clear affirmative action.

  • Performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering a contract.

  • Compliance with a legal or regulatory obligation.

  • Legitimate interests pursued by Knest or a third party, balanced against the rights and freedoms of the data subject.

  • Protection of vital interests of the data subject or another natural person.

 

3. Categories of Personal Data Collected

  • Identifiers: Name, employee ID, photograph, signature, contact details (postal address, email, telephone).

  • Employment Data: Job title, department, compensation, attendance, performance evaluations, disciplinary records.

  • Financial & Statutory Data: Permanent Account Number (PAN), bank account details, tax information, provident‑fund and social‑security identifiers.

  • Health & Safety Data: Insurance details, medical certificates, vaccination records, emergency contacts, accident reports.

  • Digital Interaction Data: IP addresses, device identifiers, cookies, system and application access logs, CCTV footage, location data when accessing company resources.

  • Special Categories (processed only under strict controls): biometric templates, disability information, trade‑union membership (where applicable).

 

4. Methods of Collection

  • Directly from data subjects via physical or digital forms, interviews, contracts, or email.

  • Automatically via cookies, server logs, CCTV, access‑control systems, and other monitoring technologies.

  • From third parties such as background‑check agencies, former employers, recruiters, and public databases, subject to lawful authorization.

 

5. Purpose of Processing

  • Recruitment, onboarding, and employment lifecycle management.

  • Administration of payroll, benefits, travel, and expense management.

  • Performance appraisal, training, and professional development.

  • Grievance handling, disciplinary procedures, and whistle‑blower investigations.

  • Security management, including identity verification, visitor management, and CCTV surveillance.

  • Regulatory reporting, tax filings, and statutory compliance.

  • Marketing, sales enablement, and business development (with consent where required).

  • Analytics, website optimization, and product improvement.

  • Incident management, fraud prevention, and legal defense.

 

6. Automated Decision‑Making & Profiling

Knest does not engage in profiling or automated decision‑making that produces legal or similarly significant effects on data subjects without human intervention. If such processing becomes necessary, we will conduct a Data Protection Impact Assessment (“DPIA”) and provide meaningful information about the logic involved, as well as the significance and envisaged consequences for data subjects.

 

7. Cookies & Tracking Technologies

Our Website uses first‑party and third‑party cookies to personalize content, analyze traffic, and deliver targeted advertising. Users may control cookie preferences through the browser or our cookie‑consent banner. Disabling cookies may impact Website functionality.

  • Essential Cookies – Required for core site functionality and security.

  • Functional Cookies – Enhance performance and remember user preferences.

  • Analytics Cookies – Collect aggregated usage statistics (e.g., Google Analytics with IP anonymization).

  • Marketing Cookies – Deliver advertisements relevant to your interests.

 

8. Data Sharing & Third‑Party Disclosures

  • Within the Knest group for internal administrative purposes.

  • With trusted vendors, consultants, auditors, payroll processors, cloud‑service providers, and professional advisers under written agreements that impose data‑protection obligations equivalent to this Policy.

  • With public authorities, regulators, courts, or law‑enforcement agencies when required by applicable law or lawful order.

  • With prospective buyers or investors in connection with a merger, acquisition, or sale of assets, subject to confidentiality commitments.

 

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined above or to comply with legal, contractual, or statutory obligations. Retention periods are defined in our Data Retention Schedule and are periodically reviewed. When data is no longer required, it is securely deleted or anonymized.

 

10. Security Measures

  • Encryption of data in transit and at rest, where applicable.

  • Role‑based access controls and multi‑factor authentication.

  • Regular vulnerability assessments, penetration tests, and security audits.

  • Employee privacy and security training and awareness programs.

  • Incident response plan and data‑breach notification procedures in line with DPDP Act requirements.

 

11. Data Subject Rights

  • Right to access personal data.

  • Right to rectification of inaccurate or incomplete data.

  • Right to erasure (“right to be forgotten”), subject to legal limitations.

  • Right to restrict or object to processing.

  • Right to data portability (where technically feasible).

  • Right to withdraw consent at any time, without affecting prior processing based on consent.

  • Right to lodge a complaint with a supervisory authority or the Data Protection Board of India.

 

12.⁠ ⁠Children’s Data
We do not target or knowingly collect data from individuals below the age of 18 for commercial purposes. However, in the course of legitimate employment and statutory obligations—such as Provident Fund (PF) nominations, Employees' State Insurance (ESIC) nomination and registrations, group insurance coverage details, etc., we may collect and process the personal data of individuals aged 18 and below, strictly for lawful purposes. Such data will be handled with enhanced safeguards, in alignment with applicable legal requirements.

 

13. Governance & Compliance

Knest maintains a Privacy Governance Framework overseen by designated Data Protection Officer (“DPO”) - Mr. Vaibhav Jadhav (vaibhav.jadhav@knestaluform.in ). Responsibilities include monitoring compliance, providing advice on DPIAs, liaising with regulatory authorities, and serving as a point of contact for data subjects.

 

14. Updates to This Policy

We may revise this Policy periodically to reflect changes in the law or our processing activities. Material changes will be notified via email or a prominent notice on our Website, and where required, we will seek renewed consent.

 

15. Contact Us

For questions, requests, or complaints regarding this Policy or your personal data, contact:
Data Protection Officer
Knest Manufacturers Pvt. Ltd.
Unit 801/802, Om Chambers, T‑29/31,
Bhosari Industrial Estate, Telco Road,
Next to Toyota Showroom, Bhosari,
Pune – 411026, Maharashtra, India
Email: vaibhav.jadhav@knestaluform.in

 

16. Governing Law & Jurisdiction

This Policy is governed by and construed in accordance with the laws of India. Any disputes shall be subject to the exclusive jurisdiction of courts in Pune, Maharashtra.

bottom of page